REMARKS 

Claims 1-72 were previously pending in this patent application. Claims 1- 
72 stand rejected. Herein, Claims 1.12, 23, 34, 38, 47, 51, 60, and 64 have 
been amended. Accordingly, after this Amendment and Response, Claims 1-72 
remain pending in this patent application. Further examination and 
reconsideration in view of the claims, remarks, and arguments set forth below is 
respectfully requested. 

35 U.S.C. Section 112. Second Paragraph. Reiectlons 

Claims 1-33 stand rejected under 35 U.S.C. Section 112, Second 
Paragraph, as being incomplete for omitting essential steps, such omission 
amounting to a gap between the steps. Applicants respectfully disagree that 
Claims 1-33 are incomplete. However, Independent Claim 1,12, and 23 have 
been amended to clarify that the key lease is generated by performance of a 
primary authentication protocol. Withdrawal of the rejection of Claims 1-33 is 
respectfully requested. 

35 U.S.C. Section 102(b) Rejections 

Claims 1,12, and 23 stand rejected under 35 U.S.C. 102(b) as being 
anticipated by Vogler et al., U.S. Patent No. 6,393,127 (hereafter Vogler). 
These rejections are respectfully traversed. 
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Independent Claim 1 recites: 

A method of re-authenticating and protecting communication security, 
comprising the steps of: 

a) performing a secondary authentication protocol between 
a client electronic system (client) and a network access point 
electronic system (AP) using a key lease generated by performance 
of a primary auttientication protocol, wherein said key lease 
includes a key lease period for indicating a length of time in 
which said key lease is valid for using said secondary 
authentication protocol instead of said primary authentication 
protocol, and 

b) if said secondary authentication protocol is successful, 
generating a session encryption key for encrypting communication 
traffic between said client and said AP. (emphasis added) 



It is respectfully asserted that Vogler does not disclose the present 
invention as recited in Independent Claim 1. In particular, Independent Claim 1 
recites the limitations, "performing a secondary authentication protocol," 
(emphasis added), "a key lease generated by performance of a primary 
authentication protocol," (emphasis added), "said key lease includes a key 
lease period for indicating a length of time in which said key lease is valid 
for using said secondary authentication protocol instead of said primary 
authentication protocol," (emphasis added), and "if said secondary 
authentication protocol is successful, generating a session encryption 
key," (emphasis added). In contrast, Vogler is directed to transferring a 
replacement encryption key between a source and target. [Vogler; Col. 2, lines 
27-41]. Vogler fails to disclose performing a secondary authentication protocol, 
as in the invention of Independent Claim 1 . In fact, Vogler never discusses 
authentication to verify an identity (e.g., of the source and the target). Further, 
Vogler does not teach a key lease generated by perfomiance of a primary 
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authentication protocol, wherein the key lease includes a key lease period for 
Indicating a length of time in which the kev lease is valid for u sing the secondary 
authentication protocol instead of the primary authentication protocol, as in the 
Invention of Independent Claim 1 . Furthermore, Vogler never discloses 
generating a session encryption key if the secondary authentication protocol js 
successful , as in the invention of Independent Claim 1. Therefore, it is 
respectfully submitted that Independent Claim 1 Is not anticipated by Vogler and 
is in condition for allowance. 



With respect to Independent Claim 12, it Is respectfully submitted that 
Independent Claim 12 recites similar limitations as in Independent Claim 1. In 
particular, the Independent Claim 12 recites the limitations, "perform a 
secondary authentication protocol," (emphasis added), "a key lease 
generated by performance of a primary authentication protocol" (emphasis 
added), "said key lease includes a key lease period for indicating a length 
of time in which said key lease is valid for using said secondary 
authentication protocol instead of said primary authentication protocol" 
(emphasis added), and "if said secondary authentication protocol is 
successful said client is configured to generate a session encryption key" 
(emphasis added). As discussed above, Vogler fails to disclose the cited 
limitations. Therefore, Independent Claim 12 is not anticipated by Vogler and is 
In condition for allowance based on reasons discussed in connection with 
Independent Claim 1 . 
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With respect to Independent Claim 23, it is respectfully submitted that 
Independent Claim 23 recites similar limitations as in Independent Claim 1. In 
particular, the Independent Claim 23 recites the limitations, "perform a 
secondary authentication protocol" (emphasis added), "a key lease 
generated by performance of a primary auUtentication protocol," (emphasis 
added), "said key lease includes a key lease period for indicating a length 
of time in which said key lease is valid for using said secondary 
authentication protocol instead of said primary authentication protocol," 
(emphasis added), and "if said secondary authentication protocol is 
successful said AP is configured to generate a session encryption key," 
(emphasis added). As discussed above, Vogler fails to disclose the cited 
limitations. Therefore, Independent Claim 23 is not anticipated by Vogler and is 
in condition for allowance based on reasons discussed in connection with 
Independent Claim 1 . 

Claims 34-36, 47-49, and 60-62 stand rejected under 35 U.S.C. 102(b) as 
being anticipated by Dabbish et al., U.S. Patent No. 5,917.911 (hereafter 
Dabbish). These rejections are respectfully traversed. 

Independent Claim 34 recites: 
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A method of authenticating a client electronic system (client), 
comprising the steps of: 

a) in response to a first request to authenticate, performing a 
primary authentication protocol between said client and a first 
network access point electronic system (first AP) to allow access 
to a network, 

b) if said primary authentication protocol is successful, 
generating a key lease, wherein said key lease includes context 
information and a key lease period for indicating a length of time 
in which said key lease is vaid for using a secondary 
authentication protocol instead of said primary authentication 
protocol; 

c) transmitting said key lease to said client; and 

d) in response to a second request to authenticate, performing 
said secondary authentication protocol between said client and a 
second network access point electronic system (second AP) 
using said key lease, (emphasis added) 



It is respectfully asserted that Dabbish does not disclose the present 
invention as recited in Independent Claim 34. In particular, Independent Claim 
34 recites the limitations, "performing a primary authentication protocol 
between said client and a first network access point electronic system 
(first AP) to allow access to a network," (emphasis added), "if said primary 
authentication protocol is successful, generating a key lease," (emphasis 
added), Vherein said key lease includes context information and a key 
lease period for indicating a length of time in which said key lease is valid 
for using a secondary authentication protocol instead of said primary 
authentication protocol," (emphasis added), and "performing said secondary 
authentication protocol between said client and a second network access 
point electronic system (second AP) using said key lease," (emphasis 
added). In contrast, Dabbish is directed to providing access to an encryption 
key when, for example, a court order, approved by a court has been obtained. 
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[Dabbish; Col. 2, lines 2-59]. Dabbish fails to disclose performing a primary 
authentication protocol between the client and a first network access point 
electronic system (first AP) to allow access to a network , as in the Invention of 
Independent Claim 34. In fact, Dabbish never discusses authentication to verify 
an identity to allow access to a network. Moreover, in Dabbish, as a message 
passes through each node (i.e., a key arbitration center (KAC)) of a hierarchical 
tree, an ID and digital signature of each node (i.e., KAC's ID and KAC's 
signature) are added to the message requesting an encryption key, wherein the 
digital signatures are simply verified by a key arbitration center (KAC) or a key 
management center (KMC) to respond to the message requesting the encryption 
key from an entity (e.g., government agency) instead of a llowing the entity 
access to a network . [Dabbish; Col. 3, line 50 through Col. 4, line 67]. The 
encryption key allows the entity (e.g., government agency) to decrypt 
communications for purposes such as wiretapping or monitoring of the individual 
or device that utilizes the encryption key. [Dabbish; Col. 2, lines 50-59]. 
However, the encryption key is not a key lease since the encryption key is not 
generated ]f the primary authentication protocol is successful and since the 
encryption key does not includes context information and a key lease period for 
indicating a length of time in which the kev lease is valid fo r usino a secondary 
authentication protocol instead of the primary authentic ation protocol. 

Further, Dabbish does not teach generating a key lease if the primary 
authentication protocol is successful , wherein the key lease includes context 
infomation and a key lease period for indicating a length of tim e in which the 
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key lease is valid for using a secondary authentica tion protocoi instead of the 
primary authentication protocol , as in the invention of Independent Claim 34. 
Furthermore, Dabbish never discloses performing the secondary authentication 
protocol between the client and a second network access point electronic 
system ^second AP) using the kev lease , as in the invention of Independent 
Claim 34. Therefore, it is respectfully submitted that Independent Claim 34 is 
not anticipated by Dabbish and is in condition for allowance. 

Dependent Claims 35-36 are dependent on allowable Independent Claim 
34, which is allowable over Dabbish. Hence, it is respectfully submitted that 
Dependent Claims 35-36 are patentable over Dabbish for the reasons discussed 
above. 



With respect to Independent Claim 47, it is respectfully submitted that 
Independent Claim 47 recites similar limitations as in Independent Claim 34. In 
particular, the Independent Claim 47 recites the limitations, "perform a primary 
authentication protocol with a first networl( access point electronic system 
(First AP) to allow access to a network," (emphasis added), "receive a key 
lease if said primary authentication protocol is successful," (emphasis 
added), "said key lease includes context information and a key lease period 
for indicating a length of time in which said key lease is valid for using a 
secondary authentication protocol instead of said primary authentication 
protocol," (emphasis added), and "perform said secondary authentication 

3COM-3000.WHD.US.CIP Page 29 Examiner: MOORTHY. A. 

Serial No. 09/900.617 Group Art Unit: 2131 



protocol with a second network access point electronic system (second 
AP) using said key lease," (emphasis added). As discussed above, Dabbisli 
fails to disclose the cited limitations. Therefore, Independent Claim 47 is not 
anticipated by Dabbish and is in condition for allowance based on reasons 
discussed in connection with Independent Claim 34. 

Dependent Claims 48-49 are dependent on allowable Independent Claim 
47, which is allowable over Dabbish. Hence, it is respectfully submitted that 
Dependent Claims 48-49 are patentable over Dabbish for the reasons discussed 
above. 



With respect to Independent Claim 60, it is respectfully submitted that 
Independent Claim 60 recites similar limitations as in Independent Claim 34. In 
particular, the Independent Claim 60 recites the limitations, "perform a primary 
authentication protocol with a client electronic system (client) to allow 
access to a network," (emphasis added), "generate a key lease if said 
primary authentication protocol is successful," (emphasis added), "said key 
lease includes context information and a key lease period for indicating a 
length of time in which said key lease is valid for using a secondary 
authentication protocol instead of said primary authentication protocol," 
(emphasis added), and "perform said secondary authentication protocol 
with said client using said key lease," (emphasis added). As discussed 
above, Dabbish fails to disclose the cited limitations. Therefore, Independent 
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Claim 60 is not anticipated by Dabbish and is In condition for allowance based 
on reasons discussed In connection with Independent Claim 34. 

Dependent Claims 61-62 are dependent on allowable Independent Claim 
60, which is allowable over Dabbish. Hence, it is respectfully submitted that 
Dependent Clalrhs 61-62 are patentable over Dabbish for the reasons discussed 
above. 



35 U.S.C. Section 103(a) Rejections 

Claims 2-6. 13-17, and 24-28 stand rejected under 35 U.S.C. 103(a) as 
being unpatentable over Vogler et al., U.S. Patent No. 6,393,127 (hereafter 
Vogler) and in view of Dole, U.S. Patent No. 6,628,786 (hereafter Dole). These 
rejections are respectfully traversed. 

Dependent Claims 2-6, Dependent Claims 13-17, and Dependent Claims 
24-28 are dependent on allowable Independent Claims 1,12, and 23 
respectively, which are allowable over Vogler. Moreover, Dole does not disclose 
the limitations "performing a secondary authentication protocol" (emphasis 
added), "a key lease generated by performance of a primary authentication 
protocol" (emphasis added), "said key lease includes a key lease period for 
indicating a length of time in which said key lease is valid for using said 
secondary authentication protocol instead of said primary authentication 
protocol," (emphasis added), and "if said secondary authentication protocol 
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is successful, generating a session encryption Icey" (emphasis added), as in 
the inventions of Independent Claims 1,12. and 23. Hence, it is respectfully 
submitted that Independent Claims 1.12, and 23 are patentable over the 
combination of Vogler and Dole for the reasons discussed above. Since 
Dependent Claims 2-6, 13-17. and 24-28 depend from Independent Claims 1. 12 
and 23 respectively, it is respectfully submitted that Dependent Claims 2-6, 13- 
17, and 24-28 are patentable over the combination of Vogler and Dole for the 
reasons discussed above. 



Claims 7-11, 18-22, and 29-33 stand rejected under 35 U.S.C. 103(a) as 
being unpatentable over Vogler et al., U.S. Patent No. 6,393.127 (hereafter 
Vogler). in view of Dole. U.S. Patent No. 6,628,786 (hereafter Dole), and in view 
of Kessler et al., U.S. Patent No. 6,789,147 (hereafter Kessler). These 
rejections are respectfully traversed. 

Dependent Claims 7-11. Dependent Claims 18-22. and Dependent 
Claims 29-33 are dependent on allowable Independent Claims 1.12, and 23 
respectively, which are allowable over Vogler. Moreover, Dole and Kessler do 
not disclose the limitations "performing a secondary authentication 
protocol," (emphasis added), "a key lease generated by performance of a 
primary authentication protocol." (emphasis added), "said key lease 
includes a key lease period for indicating a length of time in which said 
key lease is valid for using said secondary authentication protocol instead 
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of said primary authentication protocol," (emphasis added), and "if said 
secondary authentication protocol is successful, generating a session 
encryption key," (emphasis added), as In the inventions of Independent Claims 
1, 12, and 23. Hence, it is respectfully submitted that Independent Claims 1, 12, 
and 23 are patentable over the combination of Vogler, Dole, and Kessler for the 
reasons discussed above. Since Dependent Claims 7-11, 18-22, and 29-33 
depend from Independent Claims 1. 12 and 23 respectively, it is respectfully 
submitted that Dependent Claims 7-11, 18-22, and 29-33 are patentable over 
the combination of Vogler, Dole, and Kessler for the reasons discussed above. 



Claims 37, 50, and 63 stand rejected under 35 U.S.C. 103(a) as being 
unpatentable over Dabbish et al., U.S. Patent No. 5,917,911 (hereafter Dabbish) 
and in view of Kennelly et al., U.S. Patent No. 6,754,702 (hereafter Kennelly). 
These rejections are respectfully traversed. 

Dependent Claims 37, 50, and 63 are dependent on allowable 
Independent Claims 34, 47, and 60 respectively, which are allowable over 
Dabbish. Moreover, Kennelly does not disclose the limitations "performing a 
primary authentication protocol between said client and a first network 
access point electronic system (first AP) to allow access to a network," 
(emphasis added), "if said primary authentication protocol is successful, 
generating a key lease," (emphasis added), "wherein said key lease includes 
context information and a key lease period for indicating a length of time 
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in which said l(ey lease is valid for using a secondary authentication 
protocol instead of said primary authentication protocol," (emphasis 
added), and "performing said secondary authentication protocol between 
said client and a second network access point electronic system (second 
AP) using said key lease" (emphasis added), as in the inventions of 
Independent Claims 34, 47, and 60. Hence, it is respectfully submitted that 
Independent Claims 34, 47. and 60 are patentable over the combination of 
Dabbish and Kennelly for the reasons discussed above. Since Dependent 
Claims 37, 50, and 63 depend from Independent Claims 34, 47, and 60 
respectively, it is respectfully submitted that Dependent Claims 37, 50, and 63 
are patentable over the combination of Dabbish and Kennelly for the reasons 
discussed above. 



Claims 38-43, 51-56, and 64-69 stand rejected under 35 U.S.C. 103(a) as 
being unpatentable over Dabbish et al., U.S. Patent No. 5,917.911 (hereafter 
Dabbish) and in view of Babu et al., U.S. Patent No. 6,122.639 (hereafter Babu). 
These rejections are respectfully traversed. 

Dependent Claims 38-43, 51-56, and 64-69 are dependent on allowable 
Independent Claims 34, 47, and 60 respectively, which are allowable over 
Dabbish. Moreover, Babu does not disclose the limitations "performing a 
primary authentication protocol between said client and a first network 
access point electronic system (first AP) to allow access to a network" 
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(emphasis added), "if said primary authentication protocol is successful, 
generating a key lease." (emphasis added), "wherein said key lease includes 
context information and a key lease period for indicating a length of time 
in which said key lease is valid for using a secondary authentication 
protocol instead of said primary authentication protocol," (emphasis 
added), and "performing said secondary authentication protocol between 
said client and a second network access point electronic system (second 
AP) using said key lease" (emphasis added), as in the inventions of 
Independent Claims 34, 47, and 60. Hence, it is respectfully submitted that 
Independent Claims 34, 47, and 60 are patentable over the combination of 
Dabbish and Babu for the reasons discussed above. Since Dependent Claims 
38-43, 51-56, and 64-69 depend from Independent Claims 34, 47, and 60 
respectively, it is respectfully submitted that Dependent Claims 38-43. 51-56. 
and 64-69 are patentable over the combination of Dabbish and Babu for the 
reasons discussed above. 



Claims 44, 57, and 70 stand rejected under 35 U.S.C. 103(a) as being 
unpatentable over Dabbish et al., U.S. Patent No. 5,917,911 (hereafter Dabbish) 
and in view of Kung et a!., U.S. Patent No. 5,917,91 1 (hereafter Kung). These 
rejections are respectfully traversed. 

Dependent Claims 44, 57, and 70 are dependent on allowable 
Independent Claims 34, 47. and 60 respectively, which are allowable over 
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Dabbish. Moreover, Kung does not disclose the limitations "performing a 
primary authentication protocol between said client and a first network 
access point electronic system (first AP) to allow access to a network," 
(emphasis added), "if said primary authentication protocol is successful, 
generating a key lease," (emphasis added), '^vherein said key lease includes 
context information and a key lease period for indicating a length of time 
in which said key lease is valid for using a secondary authentication 
protocol instead of said primary authentication protocol," (emphasis 
added), and "performing said secondary auUientication protocol between 
said client and a second network access point electronic system (second 
AP) using said key lease," (emphasis added), as in the inventions of 
Independent Claims 34, 47, and 60. Hence, it is respectfully submitted that 
Independent Claims 34, 47, and 60 are patentable over the combination of 
Dabbish and Kung for the reasons discussed above. Since Dependent Claims 
44, 57, and 70 depend from Independent Claims 34, 47, and 60 respectively, it is 
respectfully submitted that Dependent Claims 44, 57, and 70 are patentable over 
the combination of Dabbish and Kung for the reasons discussed above. 

Claims 45, 58, and 71 stand rejected under 35 U.S.C. 103(a) as being 
unpatentable over Dabbish et al., U.S. Patent No. 5,917,911 (hereafter Dabbish) 
and in view of Burns et al., U.S. Patent No. 6,792,424 (hereafter Burns). These 
rejections are respectfully traversed. 
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Dependent Claims 45, 58, and 71 are dependent on allowable 
Independent Claims 34, 47, and 60 respectively, which are allowable over 
Dabblsh. Moreover, Burns does not disclose the limitations "performing a 
primary authentication protocol between said client and a first network 
access point electronic system (first AP) to allow access to a network," 
(emphasis added), "if said primary authentication protocol is successful, 
generating a key lease" (emphasis added), "wherein said key lease includes 
context information and a key lease period for indicating a length of time 
in which said key lease is valid for using a secondary authentication 
protocol instead of said primary authentication protocol" (emphasis 
added), and "performing said secondary authentication protocol between 
said client and a second network access point electronic system (second 
AP) using said key lease," (emphasis added), as in the inventions of 
Independent Claims 34, 47, and 60. Hence, it is respectfully submitted that 
Independent Claims 34, 47, and 60 are patentable over the combination of 
Dabbish and Burns for the reasons discussed above. Since Dependent Claims 
45, 58, and 71 depend from Independent Claims 34, 47, and 60 respectively, it is 
respectfully submitted that Dependent Claims 45, 58, and 71 are patentable over 
the combination of Dabbish and Burns for the reasons discussed above. 

Claims 46, 59, and 72 stand rejected under 35 U.S.C. 103(a) as being 
unpatentable over Dabbish et al.. U.S. Patent No. 5,917,911 (hereafter Dabbish) 



XOM-3000.WHD.US.CIP 
Serial No. 09/900,617 



Page 37 



Examiner: MOORTHY. A. 
Group Art Unit: 2131 



and in view of Burns et al., U.S. Patent No. 6,792,424 (hereafter Bums). These 
rejections are respectfully traversed. 



Dependent Claims 46. 59, and 72 are dependent on allowable 
Independent Claims 34, 47, and 60 respectively, which are allowable over 
Dabbish. Moreover, Burns does not disclose the limitations "performing a 
primary authentication protocol between said client and a first network 
access point electronic system (first AP) to allow access to a networif" 
(emphasis added), "if said primary authentication protocol is successful, 
generating a key lease," (emphasis added), "wherein said key lease includes 
context information and a key lease period for indicating a length of time 
in which said key lease is valid for using a secondary authentication 
protocol instead of said primary authentication protocol" (emphasis 
added), and "performing said secondary authentication protocol between 
said client and a second networic access point electronic system (second 
AP) using said key lease" (emphasis added), as in the inventions of 
Independent Claims 34, 47, and 60. Hence, it is respectfully submitted that 
Independent Claims 34, 47, and 60 are patentable over the combination of 
Dabbish and Burns for the reasons discussed above. Since Dependent Claims 
46, 59, and 72 depend from Independent Claims 34, 47, and 60 respectively, it is 
respectfully submitted that Dependent Claims 46. 59, and 72 are patentable over 
the combination of Dabbish and Burns for the reasons discussed above. 
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CONCLUSION 



It Is respectfully submitted that the above claims, arguments, and remarks 
overcome all rejections. All remaining claims (Claims 1-72) are neither 
anticipated nor obvious in view of the cited references. For at least the above- 
presented reasons, it is respectfully submitted that all remaining claims (Claims 
1-72) are in condition for allowance. 

The Examiner is urged to contact Applicants' undersigned representative 
if the Examiner believes such action would expedite resolution of the present 
Application. 

Please charge any additional fees or apply any credits to our PTO deposit 
account number: 23-0085. 



Respectfully submitted. 



Wagner, Murabito & Hao, LLP 




Jose S. Garcia 
Registration No. 43,628 



Two North Market Street, Third Floor 
San Jose, CA 95113 
(408) 938-9060 
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